Date: Wednesday, May 20, 2020 @ 07:49:02 Author: mtorromeo Revision: 630373
Added softhsm as checkdepends for sssd Added: softhsm/ softhsm/trunk/ softhsm/trunk/PKGBUILD softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch ------------------------------------+ PKGBUILD | 58 ++++++++++++++++++++++++++++ softhsm-2.6.1-rh1831086-exit.patch | 72 +++++++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) Added: softhsm/trunk/PKGBUILD =================================================================== --- softhsm/trunk/PKGBUILD (rev 0) +++ softhsm/trunk/PKGBUILD 2020-05-20 07:49:02 UTC (rev 630373) @@ -0,0 +1,58 @@ +# Maintainer: Massimiliano Torromeo <massimiliano.torro...@gmail.com> +# Contributor: Javier Torres <javitonino [at] gmail [dot] com> + +pkgname=softhsm +pkgver=2.6.1 +pkgrel=1 +pkgdesc="Software PKCS#11 store" +arch=('x86_64') +url="https://www.opendnssec.org/softhsm/" +license=('BSD') +depends=('botan' 'sqlite3' 'openssl' 'p11-kit') +checkdepends=('cppunit') +backup=("etc/softhsm2.conf") +options=(!libtool) +source=("https://dist.opendnssec.org/source/$pkgname-$pkgver.tar.gz"{,.sig} + "softhsm-2.6.1-rh1831086-exit.patch") +sha256sums=('61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2' + 'SKIP' + '163338a73ab1bcc475e07b96f054d3c8f67ac9d2637b8f74ddaa97aa6b4171e1') +validpgpkeys=('4D0388CE86BB398B387B663041F623BE4FCB0B94') + +build() { + cd "$srcdir/$pkgname-$pkgver" + patch -p1 -i "$srcdir/softhsm-2.6.1-rh1831086-exit.patch" + sed -i 's:^full_libdir=":#full_libdir=":g' configure.ac + sed -i "s:libdir)/@PACKAGE@:libdir):" Makefile.in + autoreconf -vfi + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib/pkcs11 \ + --datarootdir=/usr/share \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --with-p11-kit=/usr/share/p11-kit/modules/ \ + --with-migrate \ + --enable-visibility \ + --enable-ecc \ + --enable-eddsa \ + --disable-gost + make +} + +check() { + cd "$srcdir/$pkgname-$pkgver" + make check +} + +package() { + cd "$srcdir/$pkgname-$pkgver" + make DESTDIR="$pkgdir/" install + install -Dm0644 "LICENSE" "$pkgdir/usr/share/licenses/softhsm/LICENSE" + rm "$pkgdir/etc/softhsm2.conf.sample" + + cd "$pkgdir/usr/lib" + install -dm0755 softhsm + ln -s pkcs11/libsofthsm2.so softhsm/ + ln -s pkcs11/libsofthsm2.so +} Added: softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch =================================================================== --- softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch (rev 0) +++ softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch 2020-05-20 07:49:02 UTC (rev 630373) @@ -0,0 +1,72 @@ +diff --git a/src/lib/crypto/OSSLCryptoFactory.cpp b/src/lib/crypto/OSSLCryptoFactory.cpp +index 32daca2..ace4bcb 100644 +--- a/src/lib/crypto/OSSLCryptoFactory.cpp ++++ b/src/lib/crypto/OSSLCryptoFactory.cpp +@@ -226,31 +226,49 @@ err: + // Destructor + OSSLCryptoFactory::~OSSLCryptoFactory() + { +-#ifdef WITH_GOST +- // Finish the GOST engine +- if (eg != NULL) ++ bool ossl_shutdown = false; ++ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ // OpenSSL 1.1.0+ will register an atexit() handler to run ++ // OPENSSL_cleanup(). If that has already happened we must ++ // not attempt to free any ENGINEs because they'll already ++ // have been destroyed and the use-after-free would cause ++ // a deadlock or crash. ++ // ++ // Detect that situation because reinitialisation will fail ++ // after OPENSSL_cleanup() has run. ++ (void)ERR_set_mark(); ++ ossl_shutdown = !OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL); ++ (void)ERR_pop_to_mark(); ++#endif ++ if (!ossl_shutdown) + { +- ENGINE_finish(eg); +- ENGINE_free(eg); +- eg = NULL; +- } ++#ifdef WITH_GOST ++ // Finish the GOST engine ++ if (eg != NULL) ++ { ++ ENGINE_finish(eg); ++ ENGINE_free(eg); ++ eg = NULL; ++ } + #endif + +- // Finish the rd_rand engine +- ENGINE_finish(rdrand_engine); +- ENGINE_free(rdrand_engine); +- rdrand_engine = NULL; ++ // Finish the rd_rand engine ++ ENGINE_finish(rdrand_engine); ++ ENGINE_free(rdrand_engine); ++ rdrand_engine = NULL; + ++ // Recycle locks ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++ if (setLockingCallback) ++ { ++ CRYPTO_set_locking_callback(NULL); ++ } ++#endif ++ } + // Destroy the one-and-only RNG + delete rng; + +- // Recycle locks +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +- if (setLockingCallback) +- { +- CRYPTO_set_locking_callback(NULL); +- } +-#endif + for (unsigned i = 0; i < nlocks; i++) + { + MutexFactory::i()->recycleMutex(locks[i]);